• A small industry emerges to support would-be credit card thieves, malware writers

    There is money to be made in credit card theft, so a small industry has emerged to help commercialize the business; a software kit, known as Zeus, epitomizes the commercialization of the malware services industry: as is the case with other malicious software, Zeus can easily be bought online, in this case for between $400 and $700; detailed instructions on how to use it are readily available, too; to check whether a piece of malware is on the security companies’ blacklists, hackers can send their creations to Web sites such as virtest.com, which for just $1 will try the code out on more than twenty antivirus products; if the malware fails the test, would-be criminals can simply upload their malware to another site that will tweak it to render it unrecognizable

  • U.S. government pours money into cyber security technologies and R&D

    With a cumulative market valued at $55 billion (2010-15), the U.S. federal cybersecurity market will grow steadily at about 6.2 percent CAGR; new study says that Deep Packet Inspection (DPI) technology is in a very favorable position to emerge as a major line of cyber defense for years to come as the only technology that can deliver the good

  • U.S. cybercrime losses double

    The value of Internet crime loss complaints in the United States rose from $265 million in 2008 to reach $560 million last year; U.S. businesses lost $120 million in the third quarter of 2009 to phishing and Trojan-based online banking scams, according to figures from the U.S. Federal Deposit Insurance Corporation

  • U.K. spy agencies replace failed secret messaging system, try to recover money from IBM

    IBM was contracted by the British secret service to develop a secret, secure communication system for its operatives; after delays and technical failures, the contract was pulled and the intelligence services have launched a new project to extend a new secret messaging system to thousands of terminals across the intelligence agencies, as well as the Home Office, SOCA, Ministry of Defense, and other departments; at the same time, the government is still trying to recover the £24.4 million paid to IBM

  • Delay in start date for U.K. cyberdefense center

    The U.K. government’s Cyber Security Operations Center, charged with protecting Britain’s critical IT infrastructure, was supposed to become operational yesterday; the government said it would become operational by the end of the month

  • Toronto police to buy encrypted radios

    The Toronto police will spend CAN$35 million on encrypted radios; new system may shut out public eavesdroppers — by tow-truck drivers, the media, scanning enthusiasts — starting with the June 2010 G20 summit

  • GAO: U.S. government not properly coordinating cybersecurity efforts

    The U.S. Government Accountability Office, in addressing the Obama administration’s Comprehensive National Cyber Security Initiative (CNCI), a secretive initiative inherited from the Bush administration, warned that “Federal agencies have overlapping and uncoordinated responsibilities for cybersecurity, and it is unclear where the full responsibility for coordination lies”

  • Top concern at RSA 2010: security of cloud computing

    Cloud computing offers efficiency and cost reduction, but it also offer new opportunities to hackers and cybercriminals; Melissa Hathaway, former senior director for cyberspace for the National Security Council, said the migration toward the cloud is gaining momentum without having satisfactorily addressed several pressing concerns; former National Security Agency technical director Brian Snow said he does not trust the cloud

  • FBI: Cyber-terrorism a real and growing threat to U.S.

    FBI director Robert Mueller: “The risks are right at our doorsteps and in some cases they are in the house”; Richard Clarke, former White House terrorism czar: “Every major company in the U.S. and Europe has been penetrated — it’s industrial warfare”

  • Private industry sees opportunities in cybersecurity

    Nadia Short, director of Strategic Planning and Business Development Information Assurance Division at General Dynamics: “The release of the [DHS] budgets earlier this month indicate a growth in cyberspending across all the services…. With that, as well as continuing the natural evolution of what cyber will mean for dot-gov and dot-mil, it will mean nothing but opportunity for private industry”

  • Smart grid attack likely

    The smart grid’s distributed approach exposes these networks and systems, especially in the early phases of deployment; the communication among these networks and systems will be predominantly wireless and it is assumed they will be sniffed, penetrated, hacked, and service will be denied

  • Former DNI: If U.S. went to war today in a cyberwar, it would lose

    Former director of national intelligence Michael McConnell compared the danger of cyberwar to the nuclear threat posed by the Soviet Union during the cold war; “If we went to war today in a cyberwar, we would lose,” McConnell said

  • U.K. government: even modest cyber attacks will have "catastrophic" impact on public confidence

    U.K. cybersecurity agency says that cyberattack do not have to be massively severe to undermine the public confidence in the government; agency says that government eavesdroppers also face a secret “cyber arms race” to develop quantum cryptography technology

  • New security threat against smart phone users

    Researchers demonstrate how a software attack could cause a smart phone to eavesdrop on a meeting, track its owner’s travels, or rapidly drain its battery to render the phone useless; these actions could happen without the owner being aware of what happened or what caused them

  • Deadline for Massachusetts' “Written Information Security Program” looms

    As of 1 March 2010, Massachusetts will require that all Massachusetts companies — and even companies operating outside the Commonwealth, but which do business in Massachusetts — to implement stringent personal data privacy law, the data protections pertain to not just electronically stored and transmitted information but also hard copy formats